/*
 * Copyright 2012 the original author or authors.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * 
 */
package org.chacha.context;

import org.chacha.config.Config;
import org.chacha.dao.AccountDAO;
import org.chacha.dao.LoginTokenDAO;
import org.chacha.entity.AuthRequest;
import org.chacha.entity.AuthResponse;
import org.chacha.entity.ResponseCode;
import org.chacha.model.Account;
import org.chacha.model.LoginToken;
/**
 * 
 *	@author: hejing
 *	@date: 2012-11-5-下午07:01:21
 */
public class LoginContextImpl extends AbstractContext implements LoginContext{
	private AccountDAO acctDAO;
	public LoginContextImpl() {
		super();
		acctDAO=new AccountDAO();
	}

	@Override
	public AuthResponse login(AuthRequest req) {
		String userName=((String)req.get(AuthRequest.KEY_USERNAME)).trim();
		Account acct=acctDAO.getAccountByName(userName);
		AuthResponse response=new AuthResponse();
		if(acct==null||!acct.getPasswd().equals(req.get(AuthRequest.KEY_PASSWD)))
			response.setResult(ResponseCode.ERROR_USERPASS);
		else{
			response.setResult(ResponseCode.SUCCESS);
			if(((Integer)req.get(AuthRequest.KEY_ACTION))==AuthRequest.NEEDTOKEN){
				LoginToken token=new LoginToken(userName,Config.getTokenLifeTime()*1000);
				response.setToken(token.getToken());
				//持久化令牌，用于后续令牌校验
				LoginTokenDAO tokenDAO=new LoginTokenDAO();
				tokenDAO.add(token);
			}
		}
		return response;
	}
	
	@Override
	public AuthResponse loginToken(AuthRequest req) {
		String token=((String)req.get(AuthRequest.KEY_TOKEN)).trim();
		LoginTokenDAO tokenDAO=new LoginTokenDAO();
		LoginToken loginToken=tokenDAO.getToken(token);
		AuthResponse response=new AuthResponse();
		if(loginToken==null){//令牌不存在
			response.setResult(ResponseCode.ERROR_TOKENNOTEXIST);
		}else {
			String dstToken=loginToken.getToken();
			long life=loginToken.getTokenLifeTime();
			String userName=loginToken.getUserName();
			if(!token.equals(dstToken))
				response.setResult(ResponseCode.ERROR_TOKEN);//错误的令牌
			else{
				if(life>=System.currentTimeMillis()){
					response.setResult(ResponseCode.SUCCESS);//令牌认证成功
					response.setToken(userName);	//返回用户名
				}
				else{
					response.setResult(ResponseCode.ERROR_TOKENDISABLE);//令牌已失效
					//是否清除令牌？批量定时清除还是实时清除，还需考虑
				}
			}
		}
		return response;
	}

	@Override
	public AuthResponse logout(AuthRequest req) {
		AuthResponse response=new AuthResponse();
		String token=((String)req.get(AuthRequest.KEY_TOKEN)).trim();
		LoginTokenDAO tokenDAO=new LoginTokenDAO();
		LoginToken loginToken=tokenDAO.getToken(token);
		if(loginToken==null){//令牌不存在
			response.setResult(ResponseCode.ERROR_TOKENNOTEXIST);
		}else{
			//删除令牌，注销
			tokenDAO.delete(loginToken);
			response.setResult(ResponseCode.SUCCESS);
		}
		return response;
	}


}
